CVE-2004-1384

phpGroupWare <= 0.9.16.003 - Cross-Site Scripting via Multiple Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2004-1384. PoCs published by GulfTech Security.

AI-analyzed exploit summary This is a vulnerability writeup describing SQL injection and XSS issues in PHPGroupWare 0.9.16.003. It includes a sample XSS payload but lacks executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php.

Exploits (2)

exploitdb WRITEUP VERIFIED
by GulfTech Security · textwebappsphp
https://www.exploit-db.com/exploits/24845

This is a vulnerability writeup describing SQL injection and XSS issues in PHPGroupWare 0.9.16.003. It includes a sample XSS payload but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Theoretical
Target: PHPGroupWare 0.9.16.003
No auth needed
Prerequisites: Access to a vulnerable PHPGroupWare instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by GulfTech Security · textwebappsphp
https://www.exploit-db.com/exploits/24844

The provided text describes multiple input validation vulnerabilities in PHPGroupWare, including SQL injection and cross-site scripting (XSS) issues. It includes example URLs demonstrating XSS payloads but does not contain executable exploit code.

Classification
Writeup 90%
Attack Type
Xss | Sqli
Complexity
Trivial
Reliability
Theoretical
Target: PHPGroupWare 0.9.16.003
No auth needed
Prerequisites: Access to the vulnerable PHPGroupWare instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18496
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110312656029072&w=2
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11952
Patch vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200501-08.xml

Scores

EPSS 0.0404
EPSS Percentile 89.3%

Details

Status published
Products (11)
phpgroupware/phpgroupware 0.9.12
phpgroupware/phpgroupware 0.9.13
phpgroupware/phpgroupware 0.9.14
phpgroupware/phpgroupware 0.9.14.003
phpgroupware/phpgroupware 0.9.14.005
phpgroupware/phpgroupware 0.9.14.006
phpgroupware/phpgroupware 0.9.14.007
phpgroupware/phpgroupware 0.9.16.000
phpgroupware/phpgroupware 0.9.16.002
phpgroupware/phpgroupware 0.9.16.003
... and 1 more
Published Dec 31, 2004
Tracked Since Feb 18, 2026